From cee7ce95385678640afce858ac9d738b06a435e0 Mon Sep 17 00:00:00 2001 From: nickc Date: Fri, 13 Aug 2010 11:36:38 +0000 Subject: * argv.c (expandargv): Limit the number of times that response files are opened in order to prevent infinite recursion. git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@163222 138bc75d-0d04-0410-961f-82ee72b054a4 --- libiberty/ChangeLog | 5 +++++ libiberty/argv.c | 11 ++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) (limited to 'libiberty') diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog index 0a31b0c4c45..f09042d59d6 100644 --- a/libiberty/ChangeLog +++ b/libiberty/ChangeLog @@ -1,3 +1,8 @@ +2010-08-13 Nick Clifton + + * argv.c (expandargv): Limit the number of times that response + files are opened in order to prevent infinite recursion. + 2010-07-21 Pascal Obry * make-temp-file.c (choose_tmpdir): Append a dot to P_tmpdir if needed. diff --git a/libiberty/argv.c b/libiberty/argv.c index 3084248b96c..8476c8fda9e 100644 --- a/libiberty/argv.c +++ b/libiberty/argv.c @@ -1,5 +1,5 @@ /* Create and destroy argument vectors (argv's) - Copyright (C) 1992, 2001 Free Software Foundation, Inc. + Copyright (C) 1992, 2001, 2010 Free Software Foundation, Inc. Written by Fred Fish @ Cygnus Support This file is part of the libiberty library. @@ -386,6 +386,9 @@ expandargv (int *argcp, char ***argvp) int i = 0; /* Non-zero if ***argvp has been dynamically allocated. */ int argv_dynamic = 0; + /* Limit the number of response files that we parse in order + to prevent infinite recursion. */ + unsigned int iteration_limit = 2000; /* Loop over the arguments, handling response files. We always skip ARGVP[0], as that is the name of the program being run. */ while (++i < *argcp) @@ -412,6 +415,12 @@ expandargv (int *argcp, char ***argvp) filename = (*argvp)[i]; if (filename[0] != '@') continue; + /* If we have iterated too many times then stop. */ + if (-- iteration_limit == 0) + { + fprintf (stderr, "%s: error: too many @-files encountered\n", (*argvp)[0]); + xexit (1); + } /* Read the contents of the file. */ f = fopen (++filename, "r"); if (!f) -- cgit v1.2.1